USB Stick of Death

The people over at j00ru tech blog have been messing around with the complex and largely unexplored NTFS file system commonly used on Microsoft Windows. It didn’t take them long to find a bug. But the thing thats best about a bug in NTFS is that you can stick a USB drive into the targetcomputer and use it’s auto mount function to exploit any vulnerabilities in ntfs.sys. They found some very promising results, one being a bug that they were able to exploit into a local elevation of privileges.

Note that the presented issue requires the attacker to obtain physical access to the machine and have a local user in the system. Consequently, the only scenario in which it might be a problem security-wise is a local computer shared between multiple users with restricted privileges (e.g. schools, universities, hostels). You can check out the full explanation of the bug here.